The Trusted Execution Environment (TEE) is a secure portion of a processor of a mobile device that ensures that sensitive data is processed in a protected and trusted environment. The TEE may offer safe execution of trusted applications and end-to-end security of access to data, software and hardware resources. The TEE is part of the security framework of a mobile device. FIG. 1 shows a security framework 100 with the Rich Operating System (Rich OS) or Rich Execution Environment (REE) 102, the TEE 104 and the Secure Element (SE) 106. The Rich OS 102 executes applications available from third parties. The SE 106 includes software and tamper-resistant hardware for high levels of security for proximity payment applications, electronic signatures and PINs.
The TEE 104 helps to control access rights and offers protection against software attacks that may originate from the Rich OS 102 environment. For example, the TEE 104 provides the environment for high-definition (HD) video providers to keep their premium content secure so that it cannot be duplicated or shared.
However, the configuration of hardware resources available for keys stored in the TEE 104 is static and hardcoded by the manufacturer. Any change to the TEE's use of hardware resources for a key requires all the software of the TEE 104 to be flashed or overwritten. Changing the configuration of stored keys in order to add new use cases, or to modify old use cases, for usage of the hardware resources is therefore rather expensive.